In recent weeks, the Information Security team has uncovered a phishing scam that has been directed at our student community.
These emails have been sent from multiple Gmail accounts as well as accounts from other establishments and compromised university accounts. The attackers have also spoofed our @montclair.edu domain so that messages appear to look legitimate. The attacker imitates a Montclair State University faculty/staff member each time asking to communicate further via a personal email address or text message in order to hide their tracks.
Example of this phishing email:
Please be on the lookout for any emails that reflect this description. In the event you are unsure if something is legitimate, you should always contact the department directly before proceeding. When doing so, be sure to use the information found on our Montclair State University website, do not use any information provided in an email.
If you or anyone you know has fallen for this scam or similar, please change your password via the NetID Account Management Center immediately and discontinue any communication with this attacker. If you have provided any personal information or money, please contact the University Police for further assistance.
Should you receive an email similar to this and have not interacted with the attacker, please report the phishing attempt via Gmail by viewing the message and clicking the three(3) vertical dots, and clicking “Report phishing”.
For more information about phishing or any other security information, please visit the Information Security webpage.